geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Cabrera <Alan.Cabr...@reuters.com>
Subject RE: securiy role mapping in openejb-jar.xml ?
Date Thu, 02 Sep 2004 14:22:03 GMT


> -----Original Message-----
> From: Prem kalyan [mailto:prem.kalyan@gmail.com]
> Sent: Thursday, September 02, 2004 10:04 AM
> To: user@geronimo.apache.org; dev@geronimo.apache.org
> Subject: securiy role mapping in openejb-jar.xml ?
> 
> hi all,
> 
>          I have few questions on security role mappings. Before that i
> want to put my understanding about security mappings.If there is
> anything wrong in my understanding please let me know.
> 
>         I think ,
> 
> 1 . In ejb-jar.xml  we declare  security roles in <security-role>
tags.
> 
> 2 . In ejb-jar we specify which methods are accessed by which roles
> using <role-name> in <method-permission>.
> 
> 3 . In openejb-jar.xml we asscocite principals to security roles , by
> this we are allowing
> all the principals in a role to access those methods which the role
can
> access .

So far so good.


> Qn :-
> 
>         Why role mappings is part of each EJB.Since we already defined
> what permissions does each role have on each ejb(using
> <method-permissions>) why doing it here again.
> 
>         Isn't it  sifficient to map principals to roles in
openejb.jar?
> 

This level of indirection allows you to take your beans and use them in
an application server of another vendor, e.g. WebLogic.  The mapping of
principals to roles is an OpenEJB specific mechanism, hence it is in the
openejb-jar.xml file.


Regards,
Alan





-----------------------------------------------------------------
        Visit our Internet site at http://www.reuters.com

Get closer to the financial markets with Reuters Messaging - for more
information and to register, visit http://www.reuters.com/messaging

Any views expressed in this message are those of  the  individual
sender,  except  where  the sender specifically states them to be
the views of Reuters Ltd.


Mime
View raw message